Ubuntu Update for moin vulnerabilities USN-458-1

Published: 2009-03-23 09:55:18
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:N

Summary:
Ubuntu Update for Linux kernel vulnerabilities USN-458-1

Affected Versions:
moin vulnerabilities on Ubuntu 6.06 LTS , Ubuntu 6.10 , Ubuntu 7.04

Recommendations:
Please Install the Updated Packages.

Technical Details:
A flaw was discovered in MoinMoin's error reporting when using the AttachFile action. By tricking a user into viewing a crafted MoinMoin URL, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user's authentication information for the domain where MoinMoin was hosted. (CVE-2007-2423) Flaws were discovered in MoinMoin's ACL handling for calendars and includes. Unauthorized users would be able to read pages that would otherwise be unavailable to them.

Detection Type:
Linux Distribution Package

Solution Type:
Vendor Patch

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)

https://nvd.nist.gov/vuln/detail/CVE-2007-2423

References:

http://www.ubuntu.com/usn/usn-458-1/

Search
Severity
Medium
CVSS Score
5.8

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.